Another story about how we are doomed – this time with computers!
By and large I tend to keep my vocation (what I do to make money) entirely separate from the things that I write about. Even when that writing is the impoverished form of the blog entry, I try to keep it distinct from my life as a technologist. However I am making some career shifts that will entail, at the very least, working (in my vocation) with more of my anarchist friends, so here I ponder some things that connect the two worlds.
This is a report back from a “trust” conference I went to last Thursday called Trusty Con (https://trustycon.org/). I stayed for the first two of three sessions (loosely: legal, technology, and activism). You can see what I saw here – https://www.youtube.com/watch?v=lkO8SNiDSw0. I strongly recommend you watch this if you are interested in current discussions on security and trust in computer communication.
On one level this was a protest event in relation to the RSA Conference (held a block away at the Moscone Center). On another level it was an event needed in its own right. It included a variety of the usual suspects on the topic (EFF, Free Speech Foundation, etc).
Adorably, Trusty Con was held in a movie theater. What was less adorable was the punchline to the event, which is that state agents are incredibly powerful. To give just one example, the presentation by Steve Weiss on “Trusted Computing Tech and Government Implants” was authentically and deeply terrifying. It detailed less than 10% of the known list of active NSA programs designed to compromise server technology, and while there were gaping holes in what could be determined from the slides (it was unclear what the compromise in security would mean for intelligence), what was clear is that current and future attacks on privacy and dissent are coming in directions previously impossible.
Two examples from the slides: a program (DIETYBOUNCE) that attacks the firmware (the software layer that is active after the machine turns on and before the operating system starts) on Dell servers, using a simple USB key insert. This results in a payload delivery into an operating system at boot time. Another program (Cottonmouth) is the production of USB dongles that include a radio for a secondary mechanism to either keylog, root, or attack an air gapped machine. The important point here is that LEO can currently do things that we only suspected it to be capable of up till now and we know some of the specifics.
To put it another way, and this was nicely demonstrated by some slides, compared to us, state agents are in fact operating on the level of James Bond, and our ability to defend ourselves against them, especially when they are focused on us specifically, is nil (or might as well be). Things are far scarier, in this regard, than I imagined.
For the participants of the event this was in contrast to the more recent and perhaps actionable category of problems called SBC (surreptitious bulk collection). In the pre-history of law enforcement (aka before 9/11) the idea was that LEO (law enforcement officers) would start with a crime (or at the very least a suspect) and then use forensic and investigative tools to determine guilt or innocence, or the very least prosecutability. In the past decade infrastructure has been put into place to harvest enough metadata from the entire world to work from the other direction.
The activist privacy advocate would argue that better, or different, laws would protect us from the consequences of this state of affairs. The technologist privacy advocate has to argue that the capacity to harvest is the real risk and that technologies to hide metadata are urgently necessary. The anarchist has to shiver in terror at either solution. For the 96% of the world that isn’t the US, but whose data passes through our pipes, the anarchist isn’t being dramatic enough.
Obviously trust in governmental agencies is out of the question, not only for anarchists but for any intelligent person. (One might trust that the evaluative capacity of LEO is limited as far as what they can grok, but the consumptive capacity can now safely be assumed to be infinite.)
This doesn’t mean that everything we do is being watched. Modern paranoia should be tempered with some understanding of the context in which we live. Many things (especially meta data to services like email, searching, our browser fingerprint, etc) are stored and “big data” type calculations are connecting our usage of Internet communication to Real LifeTM but LEO is still a slow, lumbering beast that thinks in terms of Occam’s Razor and prefers cops-and-robbers (ie the Shield) to Pattern Recognition.
Prosecutorial instincts aside, this does mean that the Internet has become enclosed. It is not a place where freedom happens by default, and whatever libre does occur here does so because of the intentional and consistent labor of someone. Probably someone who is paying for and implementing the infrastructure and technologies for others to perform freedom. In this world, someone is always paying, either directly or in exchange for psychological manipulation (riffing off of Schneier for this one). Most of us have become accustomed to being manipulated, so it seems like the lesser cost. But is it?
Blah. I’m getting too wrapped up in this entire way of looking at the problem. I am a service provider to radicals. I’ve always been ambivalent about it and I’ve done it anyway. I’ve done it less over the years but I think that was the wrong instinct. The right approach was, and is, finding a crew of politically like-minded @ (ie hopeless ones) to do this work with. I have spent too much time doing it alone and now it just feels like an impossibly huge task, especially to do it right.
To put it another way, Riseup does a great job of delivering email but they do little else. Even less that they are “held accountable” for (crabgrass being a case in point). They do not do web hosting because web hosting is a support nightmare! As a matter of fact it’s been 10 years or so since any radical group (tao, mutual aid, etc) has done public web hosting. AFAICT this is because it’s difficult to do and exhausting (no reward if you aren’t doing it for $). Even the providers of free blogging (like noblogs) don’t seem particularly proactive when it comes to user requests. Helping people, day in day out, is hard. Not like rocket science hard but hard enough to be damn near impossible for radicals (and, obviously this is also true for services like those offered by paypal or gmail).
I used to make fun of anarchists who would decry other anarchists with the claim that we needed to “get organized.” Of course they were right if we shared a goal of social revolution or whatever, but they were also deeply wrong, because we don’t share that common of a goal at all. We live in a highly attenuated age where articulation of shared (especially mass) goals is rather naive. Perhaps the end of revolutionary aspirations has entirely negative consequences for the bulk of human, or radical, endeavors but it can’t be said to be innocent… Innocence, today, seems to live in the “in between places” where someone communicates with others, can seem articulate and bright, but has knowledge that is entirely “wikipedia deep” and is more-or-less not available without access to a cell phone. Innocence is the fatal response to leftism, not by becoming the Right (or Conservative) but by becoming useless.
In non-anarchist green thought the topic of enclosure, especially in the intellectual and cultural sense of the term, has been topical for decades. Whether the critique was about using plastic or television sets, the answer was to do less of it (aka the liberal response) or to shy away from destroying our capacity to do it all (the radical response). The anti-civilization turn was to begin with the radical response and go further… but to what end? To become the meanest, greenest boy scouts ever (rewilding)? To become indistinguishable from the street corner preachers declaring apocalypse is nigh? Technology marches on, as a force of doing (rather than convincing), and has overshadowed all critiques of it as a universalizing, totalizing, apocalypse-in-waiting by demonstrating that that isn’t all bad.
When I am feeling hopeless (which is often) I intersect these two lines. On the one hand radicals have valorized uselessness (ie being triggered, idle, anti-work, Critical, etc) and on the other the march of technology has generated meaningful, life-altering, subjectively positive consequences in the vast majority of people’s lives.
My paid work has made me a more successful anarchist not because I’ve become entranced by technology. Quite the opposite. I find technology to be increasingly annoying, cloying, and asphyxiating. But I also recognize that prior to experiencing the constraints of the real world (exemplified by but not limited to paid work) I was not able to set my mind to a task and see it through to completion. Success, as an anarchist, is not about winning (duh). It is about having the capacity to play in increasingly interesting and complex terrains with equally compelling people.